34 lines
819 B
Bash
34 lines
819 B
Bash
# shellcheck shell=bash
|
|
|
|
install -d -m 700 "$GNUPGHOME"
|
|
|
|
KEYS="$HOME/.config/sops-nix/secrets/gpg"
|
|
|
|
import_key() {
|
|
local keyfile="$1/key"
|
|
local passfile="$1/pass"
|
|
|
|
if [[ -f "$passfile" ]]; then
|
|
gpg2 --batch --yes --pinentry-mode loopback --passphrase-file "$passfile" --import "$keyfile"
|
|
else
|
|
gpg2 --batch --yes --import "$keyfile"
|
|
fi
|
|
|
|
gpg2 --with-colons --import-options show-only --import "$keyfile" \
|
|
| grep '^fpr' \
|
|
| cut -d: -f10 \
|
|
| while read -r key_id; do
|
|
echo "$key_id:6:" >> "$GNUPGHOME/otrust.txt"
|
|
done
|
|
}
|
|
|
|
if [[ -f "$KEYS/key" ]]; then import_key "$KEYS"; fi
|
|
|
|
for dir in "$KEYS"/*; do
|
|
if [[ ! -d "$dir" ]]; then continue; fi
|
|
if [[ -f "$dir/key" ]]; then import_key "$dir"; fi
|
|
done
|
|
|
|
gpg2 --import-ownertrust "$GNUPGHOME/otrust.txt"
|
|
rm "$GNUPGHOME/otrust.txt"
|